Closed
Bug 166869
Opened 22 years ago
Closed 19 years ago
LDAP auth needs usability work
Categories
(MailNews Core :: LDAP Integration, enhancement)
Tracking
(Not tracked)
RESOLVED
EXPIRED
People
(Reporter: francis+mozilla, Assigned: srilatha)
References
Details
I now know that Mozilla supports LDAP auth; but I wasn't able to figure that out until I spent an hour or so reading through bugzilla. It's not mentioned in the help, and it's obscure in the UI. The relevant UI element is a "Bind DN" field in the Directory Server Properties dialog. I didn't fill this out when I first tried to set up LDAP, because I was using Netscape 7.0PR1, which didn't have it. When I tried to search against the LDAP server, I kept getting told "0 entries". I upgraded to Mozilla 1.1, but didn't notice the "Bind DN" field--nor would I have known what it meant if I had. My IS guys managed to establish that Outlook Express could do the search if it was given a username and password; I tried it, and they were right, so I just assumed that Mozilla couldn't do LDAP auth. I came to bugzilla to report it; I searched first, of course, and found a whole slew of bugs about it, which seem to say that it had been implemented. I looked at the UI spec (http://www.mozilla.org/mailnews/specs/addressbook/#Directory), and it showed a "Log in with user name and password" checkbox, which wasn't in the UI I had. I thought maybe I was picking up an old version of the chrome, so I dug into messenger.jar, and found pref-add-directory.xul, with a control named "login", which sounded right. I finally figured out that this was the "Bind DN" field, and it wanted the equivalent of a username. I had no hope of guessing my actual DN, but I remembered something from one of the bugs I'd looked at that suggested I might be able to put in just a login name. So I did NTDOMAIN\username, and that worked. This *really* needs to be easier to use. At a minimum, "Bind DN" should be replaced by something comprehensible, and the help file should be updated. If the user doesn't provide a Bind DN, and bind fails, you should prompt for username & password, just like you do for HTTP. I realize that, according to the helpfile, your model is that admins will set up LDAP bindings for users; but that's not going to happen in a lot of places--it needs to be possible for people to try out Mozilla without admin support, so they can come to their admins and say, "This is a good program; you should support it". And even admins need usability; they shouldn't have to spend an hour grovelling through bug reports and XUL to figure out what's going on. Sorry for going on about this, but I'd hate to think that all the effort you guys put in on LDAP might be wasted because nobody can figure it out.
I use Mozilla 1.1 and wasn't even able to get LDAP working. The ldap server we hit does not require logging in, so I do not know what to put into the Bind DN Field. (Putting my username did not work). Besides that, this dialog definately needs usability fixes. Once you create an LDAP Directory (using the File->New->LDap directory) from the address book and hit ok, there is no way to get back to the dialog. I had to create a new one everytime I tried changing my ldap parameters. I have no clue what happened to all the other ldap directories i have created, or how do I delete them. My $0.02 worth..... Jalpesh.
Reporter | ||
Comment 2•22 years ago
|
||
If you don't use LDAP auth, the hard part is knowing what to use for the base DN. If your domain is example.com, you might try "dc=example,dc=com"; that's what worked for me. To edit an existing LDAP server, you can either go into Preferences -> Mail & News -> Addressing, and click on "Edit directories", or open the Address Book dialog, select the directory, and click on Properties.
Updated•20 years ago
|
Product: MailNews → Core
Comment 3•20 years ago
|
||
I can confirm the original comments on this bug using Windows XP SP2 and Thunderbird 1.0 RC1. Like the original reporter, I was attempting to use the LDAP feature in Thunderbird with authentication, but couldn't get it to return results. Once I put domain/username in the Bind DN, the next time I initated a search on the directory, it prompted for my password (using the Password Manager) and the search results worked. This option definately needs some UI cleanup to make it more friendly, especially for end-users.
Comment 4•19 years ago
|
||
This is an automated message, with ID "auto-resolve01". This bug has had no comments for a long time. Statistically, we have found that bug reports that have not been confirmed by a second user after three months are highly unlikely to be the source of a fix to the code. While your input is very important to us, our resources are limited and so we are asking for your help in focussing our efforts. If you can still reproduce this problem in the latest version of the product (see below for how to obtain a copy) or, for feature requests, if it's not present in the latest version and you still believe we should implement it, please visit the URL of this bug (given at the top of this mail) and add a comment to that effect, giving more reproduction information if you have it. If it is not a problem any longer, you need take no action. If this bug is not changed in any way in the next two weeks, it will be automatically resolved. Thank you for your help in this matter. The latest beta releases can be obtained from: Firefox: http://www.mozilla.org/projects/firefox/ Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html Seamonkey: http://www.mozilla.org/projects/seamonkey/
Comment 5•19 years ago
|
||
This bug has been automatically resolved after a period of inactivity (see above comment). If anyone thinks this is incorrect, they should feel free to reopen it.
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → EXPIRED
Updated•16 years ago
|
Product: Core → MailNews Core
You need to log in
before you can comment on or make changes to this bug.
Description
•